Edge Control Protocol Bridge & OPC UA¶
PLCopen OPC UA Transport Layer¶
OPC UA is a machine-to-machine communication protocol for industrial automation developed by the OPC Foundation. Historically, OPC UA only supported a client/server model, but in recent years an additional publish/subscribe model has become available. Currently, most industrial applications only utilize the older OPC UA client/server model, primarily as a result of the industry trend to cautiously adopt new technologies.
OPC UA Client/Server Model¶
First released in 2006, OPC UA was developed to replace its predecessor (OPC) and provide a path forward that would better meet the emerging needs of industrial automation. Since its release, OPC UA has seen enormous success in the automation industry and continues to be employed, with its primary application to provide a standard fieldbus communication between PLCs and networked devices.
OPC UA Publish/Subscribe Model¶
The newest addition to OPC UA is the publish/subscribe model. The Publish/Subscribe (PubSub) extension for OPC UA enables fast and efficient 1:m communication. The PubSub extension is protocol agnostic and can be used with broker-based protocols like MQTT and AMQP or brokerless implementations like UDP-Multicasting.
Unfortunately, OPC UA publish/subscribe is not backwards compatible with OPC UA client/server. A software bridge is required to permit cross communication between the two models. To solve this issue, ECI includes an Edge Control Protocol Bridge. The EC Protocol Bridge can bridge OPC UA client/server to publish/subscribe.
Edge Control Protocol Bridge¶
ECI provides an Edge Control Protocol Bridge, which can be used to bridge various industrial protocols together, effectively providing translation from one protocol to another. Some use cases include bridging the OPC UA Client/Server Model to OPC UA Publish/Subscribe Model. Other uses include bridging the PLCopen OPC UA Transport Layer to MQTT.
Install Edge Control Protocol Bridge¶
You can install this component from the ECI repository. Setup the ECI repository, then perform either of the following commands to install this component:
- Install from meta-package
$ sudo apt install eci-connectivity-ec-bridge
- Install from individual Deb packages
$ sudo apt install ec-bridge-dev ec-bridge \ ec-plg-sim-dev ec-plg-sim \ ec-plg-mqtt-dev ec-plg-mqtt \ ec-plg-opcua-rt-dev ec-plg-opcua-rt ec-plg-opcua-rt-pkcs11 \ ipc-p11-client-grpc \ ec-plg-shmem-dev ec-plg-shmem ec-plg-shmem-testapps \ ec-plg-emb-dev ec-plg-emb \ ec-opcsvr libopcsvrcb-dev \ ec-plg-template ec-plg-template-cpp \ ec-scripts
Edge Control Protocol Bridge Plugins¶
The following table provides information on the EC Protocol Bridge and lists its various plugins.
Document / Section |
Description |
|---|---|
This Developer Guide covers the fundamentals for using and developing custom plugins within the EC Protocol Bridge framework. |
|
This section details the Edge Control Protocol Bridge application. |
|
This section details the configuration parameters that are common to all plug-ins. |
|
This section details the configuration parameters that are defined for the OPC UA plug-in. Note: This plugin only supports platforms with at least four cores. |
|
This section details the methods of creating and using certificates to sign and encrypt OPC UA data. |
|
This section details the configuration parameters that are defined for the MQTT plug-in. |
|
This section details the configuration parameters that are defined for the Simulator plug-in. |
|
This section details the configuration parameters that are defined for the Shared Memory plug-in. |
|
This section details the Edge Control Server application. |
|
This section details the configuration parameters that are defined for the EII Message Bus (EMB) plug-in. |
|
This section details the configuration parameters that are common across all C++ plug-ins. |
|
This section details the configuration parameters that are common across all plug-ins. |
EC Protocol Bridge Example Configurations¶
This section provides a set of examples, which exercise the functionality of the EC Protocol Bridge (Plug-in Framework). Each example supplies a different configuration file to the EC Protocol Bridge. The configuration file determines the plug-ins that are loaded and the configuration, thus the overall functionality.
The following section is applicable to:
EC Protocol Bridge Prerequisites and Instructions¶
Make sure that the EC Protocol Bridge is installed. For more information, refer to Install Edge Control Protocol Bridge.
Make sure elevated permissions are available for best results, depending on the example being executed.
Make sure you have terminal access to execute the EC Protocol Bridge and view the results.
Adjust the command line for each test case depending upon the file path of the EC Protocol Bridge and the configuration test files. All examples assume the current directory is the location of the EC Protocol Bridge and the ‘config’ directory is a sub-directory.
Allow the application to execute for 10 seconds or so for each test case and then terminate with CTRL + C. This should allow sufficient time for the plug-ins to initialize, connect to resources, and start outputting valid results to the terminal.
Example #1: Data Exchange using all Datatypes¶
This example demonstrates the exchange of all supported datatypes between two plug-ins.
Navigate to the EC Protocol Bridge directory on the target system:
$ cd /opt/ec-protocol-bridge
Execute the EC Protocol Bridge and supply the smoke-test.yaml configuration:
$ sudo ./ec-bridge ./config/smoke-test.yaml
Expected Results
Three output data fields: an integer, a float, and a string. Look for lines similar to these (ignoring all others) and make a note of any errors (a char E after the timestamp):
15:12:16.214374 D eci_display_variant fld-int32: 1 15:12:16.215392 D eci_display_variant fld-float: 0.100000 15:12:16.227001 D eci_display_variant fld-string: A random number: "77"
Example #2: OPC UA Publish and Subscribe over ETF¶
This example demonstrates OPC UA Publish and Subscribe over ETF using separate OPC UA instances.
Navigate to the EC Protocol Bridge directory on the target system:
$ cd /opt/ec-protocol-bridge
Execute the EC Protocol Bridge and supply the
opc-pubsub-etf-loopback.yamlconfiguration:$ sudo ./ec-bridge ./config/opc-pubsub-etf-loopback.yaml
Expected Results
Three output data fields: an integer, a float, and a string. Look for lines similar to these (ignoring all others) and make note of any errors (a char E after the timestamp):
20:38:00.303452 D eci_display_variant fld-int32: 1 20:38:00.303478 D eci_display_variant fld-float: 0.100000 20:38:00.303493 D eci_display_variant fld-string: A random number: "77"
Example #3: OPC UA Client Read and Write¶
This example demonstrates OPC UA Client Write and Read.
On terminal 1, run the EC Server Configuration:
$ /opt/ec-protocol-bridge/opcsvr /opt/ec-protocol-bridge/config/opcsvr.yaml
On terminal 2, navigate to the EC Protocol Bridge directory on the target system:
$ cd /opt/ec-protocol-bridge
On terminal 2, execute the EC Protocol Bridge and supply the
opc-cli-rw.yamlconfiguration:$ sudo ./ec-bridge ./config/opc-cli-rw.yaml
Expected Results
Three output data fields: an integer, a float, and a string. Look for lines similar to these (ignoring all others) and make note of any errors (a char E after the timestamp):
15:12:16.214374 D eci_display_variant fld-int32: 1 15:12:16.215392 D eci_display_variant fld-float: 0.100000 15:12:16.227001 D eci_display_variant fld-string: A random number: "77"
Example #4: Secure OPC UA Client Read and Write¶
This example demonstrates a secure OPC UA client (sign and encrypt).
As a pre-requisite, the server needs a signed certificate that includes its public key, and the client needs a signed certificate that includes its public key. For more details on generating the keys, refer to OPC UA Key Generation.
The example consists of the following:
An OPC UA server application,
opcsvr, with nodes from which the client plug-in will read. This application is written such that the server requires sign and encrypt security. The configuration for the application isopcsvr-secure.yaml. This OPC UA server runs on port 53550.The EC Protocol Bridge and OPC UA client plug-in. This is the example being demonstrated. The configuration for the plug-in is
opc-cli-rw-secure.yaml.The certificate and private key files for the server that runs on port 53550 and the client running as a plug-in. These are
server-certificate.der,server-private-key.der,client-certificate.der, andclient-private-key.enc.
Navigate to the EC Protocol Bridge security directory on the target system:
$ cd /opt/ec-protocol-bridge/security
Generate signed certificates for the server and client by following the steps on OPC UA Key Generation.
On terminal 1, run the EC Server Configuration:
$ /opt/ec-protocol-bridge/opcsvr /opt/ec-protocol-bridge/config/opcsvr-secure.yaml
On terminal 2, navigate to the EC Protocol Bridge directory on the target system:
$ cd /opt/ec-protocol-bridge
On terminal 2, execute the EC Protocol Bridge and supply the
opc-cli-rw-secure.yamlconfiguration. Note that-Eis used, so that thesudouser can inherit environment variables needed for the key store:$ sudo -E ./ec-bridge ./config/opc-cli-rw-secure.yaml
Expected Results
Three output data fields: an integer, a float, and a string. Look for lines similar to these (ignoring all others) and make note of any errors (a char E after the timestamp):
15:12:16.214374 D eci_display_variant fld-int32: 1 15:12:16.215392 D eci_display_variant fld-float: 0.100000 15:12:16.227001 D eci_display_variant fld-string: A random number: "77"
Example #5: EII Message Bus Publisher and Subscriber¶
This example demonstrates the EII Message Bus (EMB) configuration with an instance of publisher and subscriber.
Navigate to the EC Protocol Bridge directory on the target system:
$ cd /opt/ec-protocol-bridge
Execute the EC Protocol Bridge and supply the
emb-ipc-loopback.yamlconfiguration:$ sudo ./ec-bridge ./config/emb-ipc-loopback.yaml
Expected Results
Three output data fields: an integer, a float, and a string. Look for lines similar to these (ignoring all others) and make note of any errors (a char E after the timestamp):
15:26:06.903033 D eci_display_variant fld1: 1 15:26:06.903654 D eci_display_variant fld2: 0.100000 15:26:06.904075 D eci_display_variant fld3: A random number: "90"
Example #6: MQTT Publish and Subscribe¶
This example demonstrates MQTT publishing.
Install the mosquitto utility Deb packages:
$ sudo apt install mosquitto mosquitto-clients
On terminal 1, launch the MQTT subscriber that listens for all topics:
$ mosquitto_sub -v -t '#'
On terminal 2, navigate to the EC Protocol Bridge directory on the target system:
$ cd /opt/ec-protocol-bridge
On terminal 2, execute the EC Protocol Bridge and supply the
mqtt-loopback.yamlconfiguration:$ sudo ./ec-bridge ./config/mqtt-loopback.yaml
Expected Results
The terminal running the MQTT subscriber should output the content published by the MQTT plug-in. This will consist of a JSON string containing three data fields, one an incrementing counter, one a float, and one string with random number. For example, look for lines similar to these (ignoring all others) and make note of any errors (a char E after the timestamp):
message {"fld-int32":17,"fld-float":1.7000000476837158,"fld-string":"A random number: \"39\""}
EC Protocol Bridge Example Applications¶
The following section provides example applications of the EC Protocol Bridge. These examples attempt to showcase realistic uses, which highlight the value of the EC Protocol Bridge.
Document / Section |
Description |
|---|---|
The single-host roundtrip TSN transport example uses multiple instances of the EC Protocol Bridge and the OPC UA plug-in to create a roundtrip OPC UA communication loop. The example also demonstrates how to configure the OPC UA plug-in to take advantage of Time Sensitive Networking. |
|
The OPC UA Publish/Subscribe Example makes use of CODESYS and the ECI Edge Control Protocol Bridge to showcase bridging OPC UA Client/Server Model to OPC UA Publish/Subscribe Model. |